Date: May 19, 2022
Application Deadline: Open until filled
Position Title: Information Systems Security Officer
Job Type: Regular/Part Time (.75 FTE)
Under general supervision from the CIO, the Information Systems Security Officer (ISSO) is responsible of the performance of all information security related activities for the institution, including but not limited to:
- Performs assessments of the information security/risk posture within the campus network, systems and software applications.
- Maintains oversight of information security and vendors regarding the security maintenance of their systems and applications.
- Monitors information risk and facilitates remediation of identified vulnerabilities with the NNMC network, systems, and applications.
- Reports on findings, tracking resolutions, and recommendations for corrective action.
- Oversees vulnerability assessments as assigned utilizing information security tools and methodologies.
- The Information Systems Security Officer coordinates information security audits, risk assessments, monitors and adheres to regulatory compliance.
DUTIES & RESPONSIBILITIES:
- Develops procedures and standards that meet existing and newly developed policy and regulatory requirements including NIST, FERPA, PCI, and/or audit guidance
- Mitigates all Information Systems Security Risks by incorporating ‘best practices’ with application and hardware tools available in the industry.
- Manages the IT security and IT risk (e.g., data systems, network and/or web) across the organization.
- Provide security awareness training to all users within the organization.
- Address questions from internal and external audits and examinations
- Facilitates information security/risk team training
- Serves as project manager/lead for information security projects
- Promotes awareness of applicable regulatory standards, upstream risks and industry best practices across NNMC
- Leads Information Security operational tasks, incident response and troubleshooting
- Uses system and security logs for forensic analysis of security incidents
- Monitors critical infrastructure and information security threats on an ongoing basis
- Provides first response services for detected threats
- Triages and assesses potential threats and delegate remediation to operational teams
- Maintains technical competency in an evolving threat landscape
- Acts as a key member of information security incident response ad hoc teams
- Becomes aware of and enforce policies and procedures as appropriate
- Establish and maintain constructive and cooperative interpersonal relationships with staff, peers, supervisors, and managers as well as any individuals external to NNMC.
- Performs other related duties as assigned
MINIMUM JOB REQUIREMENTS:
- Bachelor’s Degree specifically in Information Systems Security AND four (4) years of related experience, OR
- Associates Degree specifically in Information Systems AND seven (7) years of related experience, AND
- Proven knowledge and expertise in Cybersecurity and mitigation tactics
- CCISP – Cisco Certified Information Security Professional or other professional cyber security certification
- CISA – Cisco Certified Security Auditor
- CISM – Cisco Certified Security Manager
- Security+ – CompTIA Certification
- Experience working as an Information System Security Officer
- Knowledge of Risk Management Framework (RMF)
- Advanced experience with network logging and log consolidation tools such as Splunk or Elm
KNOWLEDGE, SKILLS, and ABILITIES:
- Experience in administering information security controls in an organization
- Knowledge of technical infrastructure, networks, databases and systems in relation to information security and risk
- Experience with Next Generation Security Appliances and SIEM technologies
- GSEC (GIAC Security Essentials) OR related certification
- Project management skills preferred
- Windows workstation and server administration experience preferred
- Prior experience performing security reviews and risk assessments preferred
- Experience supervising, coaching, and mentoring information technology professionals
- Successful experience working, collaborating and establishing credibility and relationships with senior leadership, colleagues and customers
- Ability to deal efficiently and effectively with a wide range of vendors
- Provide direction to ITS leadership within the enterprise IT infrastructure area
- Ability to maintain confidentiality. Ability to work independently.
- Relate to and interact with a non-traditional and diverse student and employee population.
- Balance competing requirements and needs of client organizations.
- Read, analyze, and interpret standards, policies, procedures, and regulations.
- Exercise good judgment and focus on detail as required by the job.
- Meet schedules and deadlines of the work unit.
- Ability to communicate effectively orally and in writing.
- Adapt to changes in work situations and priorities.
- Reason/analyze; use logic to identify and resolve problems.
- Must occasionally lift and/or move up to 50 pounds;
- Repetitive hand motions and prolonged use of computer;
- Sitting for extended periods of time.
- Work is normally performed in a typical office environment.
A complete application must include: 1) a letter of interest, 2) resume, 3) copies of unofficial transcripts conferring required and/or preferred degree, and 4) names, addresses, and phone numbers of (3) three professional references.
Copies of certifications, if applicable.
Candidates who are invited for interviews will be required to submit official transcripts.
References will be contacted in conjunction with interviews.
Required application materials should be sent to: firstname.lastname@example.org.
NNMC IS AN EQUAL OPPORTUNITY EMPLOYER